deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 10:23:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
Files
c22e06dc9fef61b758b14398e61a090ad1af1439
windows-itpro-docs/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
John Liu a8680be7fe CAT Auto Pulish for Windows Release Messages - 20190910123725 (#1079) 
* Update waas-servicing-differences.md

Added two clarifications regarding Windows 10 preview updates.  I have consistently fielded questions about why they are 'missing' in people's enterprise environments.  It almost always boils down to one of these two notes: they either weren't published to WSUS or they are looking for the word 'Preview' in the title.

* Update windows/deployment/update/waas-servicing-differences.md

Looks great, thanks Johan!

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update waas-servicing-differences.md

Implement the MarkDown standard of using 1 space between the indent marker > and the [!Note] markers

* Update windows/deployment/update/waas-servicing-differences.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>

* Update windows/deployment/update/waas-servicing-differences.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>

* Update windows/deployment/update/waas-servicing-differences.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Updated the document

Updated the steps in the document related to Windows Analytics Solutions.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4392

* Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>

* Update autopilot-support.md

Remove redundant line (PFE was the old term for an Ecosystem PM).  And added new alias for Ecosystem PMs (after discussing all this with the Ecosystem PM managers).

* Terminology Correction

Terminology Correction

* Incorrect Command Line Arguments

According to this doc https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-setup-command-line-options the correct command line argument for ignoring dismissable warnings is /Compat IgnoreWarning not /compat /ignore warning as specified here in the docs. Also, the same incorrect message is included in the setupdiag.exe, so when the report is generated, it is providing incorrect guidance.

* Update mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md

* Enterprise Mode schema: duplicate https usage

- Resolve duplicate use of https where both http and https was intended
- MarkDown code fence XML tag corrections
- Replace HTML `<br>` codes with NewLine
- Remove redundant space at the end of the version 2 file

Resolves #4769

* Update: NewLine changes

- Remove extraneous NewLine breaks
- Remove missed HTML `<br>` code

* Update credential-guard-manage.md

* Update event-5155.md

* Update windows-autopilot-requirements.md

Separated the Windows Autopilot deployment service and Windows Activation items into two separate rows to make it easier to read.

* Update upgrade-mbam2.5-sp1.md

* finish

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update kiosk-mdm-bridge.md

* Windows Update resources: add MD code block

Description:

The list of manual regsvr32.exe commands becomes translated in other
languages, to the extent that extra words appear among the commands.
This is an attempt to mitigate this behavior in the machine translation,
by adding a MarkDown code block around the list of commands.

Proposed changes:
- Add MD code block around the long list of regsvr32.exe commands
- Remove blank space characters at the end of each line (cosmetic)

issue ticket reference or closure:
Ref. #4800 (Spanish "translation" of commands)
Ref. #3569, #3570, #3571, #3572, #3574, #3575
( [LOC] Back-Translation "regsvr32.exe [...]" )

* MetaData update: convert ^M (2x) to NewLine

- replaced Ctrl-M character with NewLine in MetaData

* Update mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* comment

* Clarify the registry key needed to set tags

* Update microsoft-defender-atp-mac-install-with-intune.md

adding troubleshooting step for common 'no license found' issue

* Add page for Audit Token Right Adjusted

* Windows/What's New: amend broken link in See Also

The first link under "See Also",
"What's New in Windows Server, version 1903" ,
is broken because it points to the wrong directory for the file
'whats-new-in-windows-server-1903' which resides in the new directory
/get-started-19/ instead of the old directory /get-started/.

This directory difference is only present in the docs.microsoft.com
pages, not on Github. The links are therefore pointing directly to the
docs.microsoft.com pages instead of being relative to the Github
directory structure.

Broken link:
https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903

Operative link:
https://docs.microsoft.com/windows-server/get-started-19/whats-new-in-windows-server-1903

Closes #4784

* Update TOC.md

* Added multifactor unlock

Added multifactor unlock feature update using Passport for work CSP.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4700

* Added policies for 1803 and 1809 (1903 not out yet)

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3912

* Fix typo

* Actually fix typos

* Windows Defender Antivirus: amend broken link

From the issue ticket
> Set-mppreference is configured with dead URL. (#4831)

- The link "Use the [Set-MpPreference][]" is broken,
  but without the empty brackets it will work as expected.
- Removing the redundant empty brackets after the next link too.

Closes #4831

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update upgrading-to-mbam-25-sp1-from-mbam-25.md

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* URL addition of OWA

Added URL for OWA attachment protection using WIP

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3747

* Update windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Fixed text

"Automated investigation" instead of "Alert"

* Update waas-overview.md

Corrected a typo

* Update windows/deployment/update/waas-overview.md

Makes sense.

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* edit

* Update microsoft-recommended-block-rules.md

updated typo in description.

* Update windows/security/threat-protection/auditing/audit-token-right-adjusted.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* note ragarding Company Portal change

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3843

info found here: https://blogs.technet.microsoft.com/cbernier/2018/03/08/windows-information-protection-adding-the-intune-company-portal-for-windows-as-an-exempt-app/

* Update microsoft-defender-atp-mac-install-with-intune.md

* Microsoft Defender ATP: amend copy-paste error

When using Microsoft Intune as part of the Defender ATP setup,
it will become necessary to configure some controlled folder access.
This bug looks like it could have been transferred from one of the
other pages during editing, but I could not locate it easily enough.

Anyway, the correct part of this step is to refer to
-- Controlled folder access --
exactly as the page name points to.

Thanks to jcampos79 for discovering this text-based bug.

Closes #4854

* Updated how to disable HVCI

Prior guidance to disable HVCI was outdated

* Update windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* update content of upgrade mbam2.5 sp1

* Removed bullet

Removed bullet as it was not making any sense.

* format setting

a minor format setting

* Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* sample script syntax error due to ASCII codes for quotes

sample script filter syntax contained ASCII codes for single quotes instead of actual quotes, causing the Get-CimInstance commands to error out.

* Update how-windows-update-works.md: amend typo

Simple typo correction, along with a few MarkDown
codestyle corrections for MD blockquote (`>`) indenting.

- typo correction: initates -> initiates
- codestyle corrections:
  3 MarkDown blockquote indentations amended

Thanks to Jessie Gouw (jessiegouw) for reporting the typo.

Closes #4866

* Moved '.' syntax description to a separate table

* fixes #4760, broken table

The formatting was broken because a pipe character was in the wrong place. There was also an extra row due to double spacing below the table.

* Enterprise Mode schema: convert Important notes

As previously discussed in this PR, I have converted the
**Important** section headings by using their MarkDown equivalent
> [!IMPORTANT] (as well as adding the blockquote for its text content).

* Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md

Per review.

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md

Per review.

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Spelled out acronym, fixed typo

* pull from public to private and fix warnings

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073)

* pull from public to private and fix warnings

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417 (#1077)

* Cat auto publish 20190910112417 (#1081)

* Merge changes from master to live (#950)

* v 1.6

* removed a known issue

* removed references to CB, CBB

* Latest changes for publish today (#949)

* Merge from master to live (#956)

* safety checkin

* added location for group policy object

* replaced reboot w/ restart

* safety commit for some initial noodlings

* restructured to emphasize new policy; connected to TOC

* adjusting heading levels

* fixing tables

* Latest change for August 20 (#955)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190823163336 (#980) (#981)

* CAT Auto Pulish for Windows Release Messages - 20190829112356 (#1007)

* Update deploy-the-latest-firmware-and-drivers-for-surface-devices.md

* add table

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829102107 (#1006)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829175859 (#1012) (#1013)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190830100739 (#1018) (#1019)

* CAT Auto Pulish for Windows Release Messages - 20190903135254 (#1033)

* SIEM connector: change alert notion to Detection

* update casing and redirects

* remove space json file

* fix json

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190903123340 (#1031)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190906173611 (#1061) (#1062)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073) (#1074)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417
2019-09-10 13:41:31 -07:00

11 KiB
Raw Blame History

ms.localizationpriority, ms.mktglfcycl, ms.pagetype, description, author, ms.prod, ms.assetid, ms.reviewer, audience, manager, ms.author, title, ms.sitesec, ms.date
ms.localizationpriority ms.mktglfcycl ms.pagetype description author ms.prod ms.assetid ms.reviewer audience manager ms.author title ms.sitesec ms.date
medium deploy appcompat Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 7 or Windows 8.1 Update. lomayor ie11 17c61547-82e3-48f2-908d-137a71938823 itpro dansimp lomayor Enterprise Mode schema v.1 guidance (Internet Explorer 11 for IT Pros) library 07/27/2017

Enterprise Mode schema v.1 guidance

Applies to:

  • Windows 10
  • Windows 8.1
  • Windows 7

Use the Enterprise Mode Site List Manager (schema v.1) to create and update your Enterprise Mode site list for devices running the v.1 version of the schema, or the Enterprise Mode Site List Manager (schema v.2) to create and update your Enterprise Mode site list for devices running the v.2 version of the schema. We strongly recommend moving to the new schema, v.2. For more info, see Enterprise Mode schema v.2 guidance.

If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app.

Enterprise Mode schema v.1 example

The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.

Important

Make sure that you don't specify a protocol when adding your URLs. Using a URL like <domain>contoso.com</domain> automatically applies to both http://contoso.com and https://contoso.com.

<rules version="1">
  <emie>
    <domain exclude="false">www.cpandl.com</domain>
    <domain exclude="true">www.woodgrovebank.com</domain>
    <domain exclude="false" forceCompatView="true">adatum.com</domain>
    <domain exclude="true">contoso.com</domain>
    <domain exclude="true">relecloud.com
      <path exclude="false">/about</path>
    </domain>
    <domain exclude="false">fabrikam.com
      <path exclude="true">/products</path>
    </domain>
  </emie>
  <docMode>
    <domain>contoso.com
      <path docMode="7">/travel</path>
    </domain>
    <domain>fabrikam.com
      <path docMode="7">/products</path>
    </domain>
  </docMode>
</rules>

Schema elements

This table includes the elements used by the Enterprise Mode schema.

Element Description Supported browser
<rules> Root node for the schema.

Example 

<rules version="205">
  <emie>
    <domain>contoso.com</domain>
  </emie>
</rules>
 Internet Explorer 11 and Microsoft Edge
<emie> The parent node for the Enterprise Mode section of the schema. All <domain> entries will have either IE8 Enterprise Mode or IE7 Enterprise Mode applied.

Example 

<rules version="205">
  <emie>
    <domain>contoso.com</domain>
  </emie>
</rules>
-or-

For IPv6 ranges:

<rules version="205">
  <emie>
    <domain>[10.122.34.99]:8080</domain>
  </emie>
  </rules>
-or-

For IPv4 ranges:

<rules version="205">
  <emie>
    <domain>10.122.34.99:8080</domain>
  </emie>
  </rules>
 Internet Explorer 11 and Microsoft Edge
<docMode> The parent node for the document mode section of the section. All <domain> entries will get IE5 - IE11 document modes applied. If there's a <domain> element in the <docMode> section that uses the same value as a <domain> element in the <emie> section, the <emie> element is applied.

Example 

<rules version="205">
  <docMode>
    <domain docMode="7">contoso.com</domain>
  </docMode>
</rules>
 Internet Explorer 11
<domain> A unique entry added for each site you want to put on the Enterprise Mode site list. The first <domain> element will overrule any additional <domain> elements that use the same value for the section. You can use port numbers for this element.

Example 

<emie>
  <domain>contoso.com:8080</domain>
</emie>
 Internet Explorer 11 and Microsoft Edge
<path> A unique entry added for each path under a domain you want to put on the Enterprise Mode site list. The <path> element is a child of the <domain> element. Additionally, the first <path> element will overrule any additional <path> elements in the schema section.

Example 

<emie>
  <domain exclude="true">fabrikam.com
    <path exclude="false">/products</path>
  </domain>
</emie>

Where https://fabrikam.com doesn't use IE8 Enterprise Mode, but https://fabrikam.com/products does.

 Internet Explorer 11 and Microsoft Edge

Schema attributes

This table includes the attributes used by the Enterprise Mode schema.

Attribute Description Supported browser
<version> Specifies the version of the Enterprise Mode Site List. This attribute is supported for the <rules> element. Internet Explorer 11 and Microsoft Edge
<exclude> Specifies the domain or path excluded from applying the behavior and is supported on the <domain> and <path> elements.

Example 

<emie>
  <domain exclude="false">fabrikam.com
    <path exclude="true">/products</path>
  </domain>
</emie>

Where https://fabrikam.com uses IE8 Enterprise Mode, but https://fabrikam.com/products does not.

 Internet Explorer 11 and Microsoft Edge
<docMode> Specifies the document mode to apply. This attribute is only supported on <domain> or <path> elements in the <docMode> section.

Example 

<docMode>
  <domain exclude="false">fabrikam.com
    <path docMode="7">/products</path>
  </domain>
</docMode>
 Internet Explorer 11

Using Enterprise Mode and document mode together

If you want to use both Enterprise Mode and document mode together, you need to be aware that <emie> entries override <docMode> entries for the same domain.

For example, say you want all of the sites in the contoso.com domain to open using IE8 Enterprise Mode, except test.contoso.com, which needs to open in document mode 11. Because Enterprise Mode takes precedence over document mode, if you want test.contoso.com to open using document mode, you'll need to explicitly add it as an exclusion to the <emie> parent node.

<rules version="1">
  <emie>
    <domain exclude="false">contoso.com</domain>
    <domain exclude="true">test.contoso.com</domain>
  </emie>
  <docMode>
    <domain docMode="11">test.contoso.com</domain>
  </docMode>
</rules>

What not to include in your schema

We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:

  • Dont use protocols. For example, http://, https://, or custom protocols. They break parsing.
  • Dont use wildcards.
  • Dont use query strings, ampersands break parsing.

How to use trailing slashes

You can use trailing slashes at the path-level, but not at the domain-level:

  • Domain-level. Dont add trailing slashes to a domain, it breaks parsing.
  • Path-level. Adding a trailing slash to a path means that the path ends at that point. By not adding a trailing slash, the rule applies to all of the sub-paths.

Example

<domain exclude="true">contoso.com
  <path exclude="false">/about/</path>
</domain>

In this example, contoso.com/about/careers will use the default version of Internet Explorer, even though contoso.com/about/ uses Enterprise Mode.

How to target specific sites

If you want to target specific sites in your organization.

Targeted site Example Explanation
You can specify subdomains in the domain tag. <docMode>
<domain docMode="5">contoso.com</domain>
<domain docMode="9">info.contoso.com</domain>
<docMode>
  • contoso.com uses document mode 5.
  • info.contoso.com uses document mode 9.
  • test.contoso.com also uses document mode 5.
You can specify exact URLs by listing the full path. <emie>
<domain exclude="false">bing.com</domain>
<domain exclude="false" forceCompatView="true">contoso.com</domain>
<emie>
  • bing.com uses IE8 Enterprise Mode.
  • contoso.com uses IE7 Enterprise Mode.
You can nest paths underneath domains. <emie>
<domain exclude="true">contoso.com
<path exclude="false">/about</path>
<path exclude="true">
/about/business</path>
</domain>
</emie>
  • contoso.com will use the default version of IE.
  • contoso.com/about and everything underneath that node will load in Enterprise Mode, except contoso.com/about/business, which will load in the default version of IE.
You cant add a path underneath a path. The file will still be parsed, but the sub-path will be ignored. <emie>
<domain exclude="true">contoso.com
<path>/about
<path exclude="true">/business</path>
</path>
</domain>
</emie>
  • contoso.com will use the default version of IE.
  • contoso.com/about and everything underneath that node will load in Enterprise Mode, including contoso.com/about/business because the last rule is ignored.